Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1200
  • Last Modified:

how to block my lan to surf adult site?

i have a linux router...in my linux router...i have snort, firewall script...my second nic is connected to switch and then from switch to my LAN...so i want if on of the client in LAN typing something at webbrowser such as XXX...so the page will be replace with a page that i create my own self...is that possible?
1 Solution
What you want to do is install a proxy.  Check out "squid" at

operation1612Author Commented:
you mean install a proxy in my gateway?...that mean i will have to open port for proxy?...
operation1612Author Commented:
at least i dont want any another port to be open in my linux router...unless there is no other choice...thanks
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Squid is a proxy that you can install in the same box.  What you can do is intercept http requests coming from the inside network, look at what is being requested and then reply appropriately.  

There doesn't have to be any additional ports open from the outside to accomplish this (or the inside either, for that matter).
install squid (or whatever proxy you like), then use iptables to redirect any outbound traffic to squid, ready.
I run DansGuardian on top of Squid as a content filter system like so:

user -> dansguardian:3128  -> (good) squid:80 -> Internet
                   (bad) blocked page that I crafted from the available template

Follow that up with iptables to block direct connect and use the squidguard ruleset that very easily integrates with DansGuardian and you have a pretty darn good content filter system.

Alternatively, you can leave the squid off (i.e. no caching) and simply just use dansguardian as a filter.
dansguradian is definetaly good but sometimes it slow down the internet speed...

use squid and its ACL
go through this link and u can block any site to some and allow some... through this u can do anything u want in a proxy server ..... squid alone is very powerfull...

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now